<!DOCTYPE html>
<html lang="en" class="bg-black">
<head>
    <!--
      Read more about our custom configuration and use of Google Analytics here:
      https://bugzilla.mozilla.org/show_bug.cgi?id=1122305#c8
    -->
    
    <script async src="https://www.googletagmanager.com/gtag/js?id=UA-66267220-1"></script>
    <script src="/analytics.js"></script>
    

    <meta charset="utf-8">
    <meta http-equiv="Content-Security-Policy" content="default-src 'none'; base-uri 'none'; connect-src https://www.google-analytics.com; font-src 'self'; img-src 'self' https://www.google-analytics.com; script-src 'self' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js; style-src 'self'">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="author" content="April King">
    <meta name="description" content="An easy-to-use secure configuration generator for web, database, and mail software">
    <meta property="og:title" content="Mozilla SSL Configuration Generator">

    <!-- favicon stuff -->
    <link rel="apple-touch-icon" type="image/png" sizes="180x180" href="/images/favicons/apple-touch-icon-180x180.png">
    <link rel="icon" type="image/png" sizes="196x196" href="/images/favicons/favicon-196x196.png">
    <link rel="shortcut icon" href="/images/favicons/favicon.ico">

    <title>Mozilla SSL Configuration Generator</title>
<link href="39dd7eed14622039aa44.index.css" rel="stylesheet"></head>
<body>
  <div class="container pt-4">
    <div class="h2 pb-2">
      <span class="bg-black text-white px-3">moz://a</span>
      <span class="d-none d-md-inline-block">SSL Configuration Generator</span>
      <span class="d-inline-block d-md-none">SSL Config Generator</span>
    </div>

    <form id="form-generator">
      <div class="form-row">
        <!-- server software, populated from entries in configs.js with names -->
        <div class="col-12 col-md-2 form-server">
          <h5>Server Software</h5>
          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-apache" value="apache" >
              <label class="form-check-label" for="server-apache">
                Apache
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-awsalb" value="awsalb" >
              <label class="form-check-label" for="server-awsalb">
                AWS ALB
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-awselb" value="awselb" >
              <label class="form-check-label" for="server-awselb">
                AWS ELB
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-caddy" value="caddy" >
              <label class="form-check-label" for="server-caddy">
                Caddy
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-dovecot" value="dovecot" >
              <label class="form-check-label" for="server-dovecot">
                Dovecot
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-exim" value="exim" >
              <label class="form-check-label" for="server-exim">
                Exim
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-golang" value="golang" >
              <label class="form-check-label" for="server-golang">
                Golang
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-haproxy" value="haproxy" >
              <label class="form-check-label" for="server-haproxy">
                HAProxy
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-lighttpd" value="lighttpd" >
              <label class="form-check-label" for="server-lighttpd">
                lighttpd
              </label>
            </div>
            
        </div>
        <div class="col-12 col-md-2 form-server">
        <h5 class="d-none d-md-block">&nbsp;</h5>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-mysql" value="mysql" >
              <label class="form-check-label" for="server-mysql">
                MySQL
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-nginx" value="nginx" checked>
              <label class="form-check-label" for="server-nginx">
                nginx
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-oraclehttp" value="oraclehttp" >
              <label class="form-check-label" for="server-oraclehttp">
                Oracle HTTP
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-postfix" value="postfix" >
              <label class="form-check-label" for="server-postfix">
                Postfix
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-postgresql" value="postgresql" >
              <label class="form-check-label" for="server-postgresql">
                PostgreSQL
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-proftpd" value="proftpd" >
              <label class="form-check-label" for="server-proftpd">
                ProFTPD
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-tomcat" value="tomcat" >
              <label class="form-check-label" for="server-tomcat">
                Tomcat
              </label>
            </div>
            

          
            <div class="form-check">
              <input class="form-check-input" type="radio" name="server" id="server-traefik" value="traefik" >
              <label class="form-check-label" for="server-traefik">
                Traefik
              </label>
            </div>
            

          
        </div>

        <!-- config -->
        <div class="col-12 col-md-4" id="form-config">
          <h5 class="mt-3 mt-md-0">Mozilla Configuration</h5>
          <div class="form-check">
            <input class="form-check-input" type="radio" name="config" id="config-modern" value="modern">
            <label class="form-check-label" for="config-modern">
              Modern
              <small class="form-text text-muted">Services with clients that support TLS 1.3 and don't need backward compatibility</small>
            </label>
          </div>
          <div class="form-check">
            <input class="form-check-input" type="radio" name="config" id="config-intermediate" value="intermediate" checked>
            <label class="form-check-label" for="config-intermediate">
              Intermediate
              <small class="form-text text-muted">General-purpose servers with a variety of clients, recommended for almost all systems</small>
            </label>
          </div>
          <div class="form-check">
            <input class="form-check-input" type="radio" name="config" id="config-old" value="old">
            <label class="form-check-label" for="config-old">
              Old
              <small class="form-text text-muted">Compatible with a number of very old clients, and should be used only as a last resort</small>
            </label>
          </div>
        </div>

        <!-- versions -->
        <div class="col-12 col-md-4" id="form-environment">
          <h5 class="mt-3 mt-md-0">Environment</h5>
          <div class="input-group">
            <div class="input-group-prepend">
              <span class="input-group-text">Server Version</span>
            </div>
            <input type="text" class="form-control" aria-label="Server Version" aria-described="version" id="version" value="1.17.7">
          </div>
          <div class="input-group mt-2">
            <div class="input-group-prepend">
              <span class="input-group-text">OpenSSL Version</span>
            </div>
            <input type="text" class="form-control" aria-label="OpenSSL Version" aria-described="openssl" id="openssl" value="1.1.1d">
          </div>

          <h5 class="mt-3">Miscellaneous</h5>
          <div class="input-group">
            <div class="input-group-prepend">
              <div class="input-group-text">
                <input type="checkbox" id="hsts" aria-label="HTTP Strict Transport Security" checked>
              </div>
            </div>
            <input type="text" class="form-control bg-white" aria-describedby="hsts-help" aria-label="HTTP Strict Transport Security" value="HTTP Strict Transport Security" readonly>
          </div>
          <small id="hsts-help" class="form-text text-muted">This also redirects to HTTPS, if possible</small>
          <div class="input-group mt-2">
            <div class="input-group-prepend">
              <div class="input-group-text">
                <input type="checkbox" id="ocsp" aria-label="OCSP Stapling" checked>
              </div>
            </div>
            <input type="text" class="form-control bg-white" aria-label="OCSP Stapling" value="OCSP Stapling" readonly>
          </div>
        </div>
      </div>
    </form>

    <div id="output-header"></div>

    <div id="output-config-container">
      <pre class="border p-3"><code id="output-config"></code></pre>
      <button type="button" class="btn btn-light border text-muted" id="copy" data-toggle="tooltip" data-placement="top" data-trigger="manual" title="Copied!" data-clipboard-target="#output-config">
        <svg id="copy-icon" viewBox="0 0 14 16" version="1.1" aria-hidden="true"><path fill-rule="evenodd" d="M2 13h4v1H2v-1zm5-6H2v1h5V7zm2 3V8l-3 3 3 3v-2h5v-2H9zM4.5 9H2v1h2.5V9zM2 12h2.5v-1H2v1zm9 1h1v2c-.02.28-.11.52-.3.7-.19.18-.42.28-.7.3H1c-.55 0-1-.45-1-1V4c0-.55.45-1 1-1h3c0-1.11.89-2 2-2 1.11 0 2 .89 2 2h3c.55 0 1 .45 1 1v5h-1V6H1v9h10v-2zM2 5h8c0-.55-.45-1-1-1H8c-.55 0-1-.45-1-1s-.45-1-1-1-1 .45-1 1-.45 1-1 1H3c-.55 0-1 .45-1 1z"></path></svg> Copy</button>
    </div>
  </div>

  <footer class="w-100 bg-black text-white mt-5">
    <div class="container mt-3">

      <div class="row pt-5">
        <div class="h5">
          <span class="bg-white text-black ml-3 ml-md-0 px-2 py-point-5">moz://a</span>
        </div>
      </div>

      <div class="row pt-4">
        <div class="col-12 col-md-4">
          <h5>Company</h5>
          <ul class="list-unstyled">
            <li><a class="text-white" href="https://www.mozilla.org/about/">About</a></li>
            <li><a class="text-white" href="https://blog.mozilla.org/press/">Press Center</a></li>
            <li><a class="text-white" href="https://careers.mozilla.org/?utm_source=ssl-config.mozilla.org&utm_medium=referral&utm_campaign=footer&utm_content=company">Careers</a></li>
          </ul>
        </div>

        <div class="col-12 col-md-4">
          <h5>Resources</h5>
          <ul class="list-unstyled">
            <li><a class="text-white" href="https://developer.mozilla.org/">Mozilla Developer Network</a></li>
            <li><a class="text-white" href="https://observatory.mozilla.org/">Mozilla Observatory</a></li>
            <li><a class="text-white" href="https://www.ssllabs.com/ssltest/">Qualys SSL Labs Server Test</a></li>
            <li><a class="text-white" href="https://wiki.mozilla.org/Security/Server_Side_TLS">Server Side TLS guidelines</a></li>
            <li><a class="text-white" href="https://infosec.mozilla.org/guidelines/web_security">Web Security guidelines</a></li>
          </ul>
        </div>

        <div class="col-12 col-md-4">
          <h5>Product Help</h5>
          <ul class="list-unstyled">
            <li><a class="text-white" href="https://github.com/mozilla/ssl-config-generator/issues">File a bug</a></li>
            <li><a class="text-white" href="https://github.com/mozilla/ssl-config-generator#creating-templates">Supporting new software</a></li>
          </ul>
        </div>
      </div>
    </div>

    
    <div class="w-100 d-none d-md-block pr-3 pb-1 small text-right text-muted"><a class="text-secondary" href="https://github.com/mozilla/ssl-config-generator/commit/36b8081">build 36b8081</a>, generated 2020-02-18</div>
    
  </footer>
<script type="text/javascript" src="39dd7eed14622039aa44.index.js"></script></body>
</html>
